From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] addon chrony
Date: Wed, 22 Mar 2023 10:03:15 +0000 [thread overview]
Message-ID: <54D1D26E-1BFA-45E0-A8E3-CFEDAE756319@ipfire.org> (raw)
In-Reply-To: <20230320201837.1887027-1-gerd@hoerst.net>
[-- Attachment #1: Type: text/plain, Size: 16675 bytes --]
Hello Gerd,
Once again, what is the benefit of having a second time sync daemon as an addon?
The one that we use works and it will set the time correctly. So this won’t have any benefit at all. Especially as there is no way to disable the existing ntp-based scripts.
-Michael
> On 20 Mar 2023, at 20:18, Gerd Hoerst <gerd(a)hoerst.net> wrote:
>
> Signed-off-by: Gerd Hoerst <gerd(a)hoerst.net>
> ---
> config/chrony/etc/chrony/chrony.conf | 32 +++++++++
> config/chrony/etc/chrony/chrony.keys | 10 +++
> config/chrony/etc/rc.d/init.d/chrony | 56 +++++++++++++++
> config/rootfiles/packages/chrony | 12 ++++
> lfs/chrony | 102 +++++++++++++++++++++++++++
> make.sh | 1 +
> src/paks/chrony/install.sh | 33 +++++++++
> src/paks/chrony/uninstall.sh | 31 ++++++++
> src/paks/chrony/update.sh | 26 +++++++
> 9 files changed, 303 insertions(+)
> create mode 100644 config/chrony/etc/chrony/chrony.conf
> create mode 100644 config/chrony/etc/chrony/chrony.keys
> create mode 100755 config/chrony/etc/rc.d/init.d/chrony
> create mode 100644 config/rootfiles/packages/chrony
> create mode 100644 lfs/chrony
> create mode 100644 src/paks/chrony/install.sh
> create mode 100644 src/paks/chrony/uninstall.sh
> create mode 100644 src/paks/chrony/update.sh
>
> diff --git a/config/chrony/etc/chrony/chrony.conf b/config/chrony/etc/chrony/chrony.conf
> new file mode 100644
> index 000000000..6c65f5c22
> --- /dev/null
> +++ b/config/chrony/etc/chrony/chrony.conf
> @@ -0,0 +1,32 @@
> +# Welcome to the chrony configuration file. See chrony.conf(5) for more
> +# information about usuable directives.
> +
> +pool 0.ipfire.pool.ntp.org
> +
> +# refclock SOCK /var/run/chrony.ttyAMA0.sock delay 0.0 refid SOCK
> +# refclock PPS /dev/pps0 refid PPS
> +
> +# This directive specify the location of the file containing ID/key pairs for
> +# NTP authentication.
> +keyfile /etc/chrony/chrony.keys
> +
> +# This directive specify the file into which chronyd will store the rate
> +# information.
> +driftfile /var/lib/chrony/chrony.drift
> +
> +# Uncomment the following line to turn logging on.
> +#log tracking measurements statistics
> +
> +# Log files location.
> +logdir /var/log/chrony
> +
> +# Stop bad estimates upsetting machine clock.
> +maxupdateskew 100.0
> +
> +# This directive enables kernel synchronisation (every 11 minutes) of the
> +# real-time clock. Note that it can’t be used along with the 'rtcfile' directive.
> +rtcsync
> +
> +# Step the system clock instead of slewing it if the adjustment is larger than
> +# one second, but only in the first three clock updates.
> +makestep 1 3
> diff --git a/config/chrony/etc/chrony/chrony.keys b/config/chrony/etc/chrony/chrony.keys
> new file mode 100644
> index 000000000..cee70b392
> --- /dev/null
> +++ b/config/chrony/etc/chrony/chrony.keys
> @@ -0,0 +1,10 @@
> +# This file is solely used for NTP authentication with symmetric keys
> +# as defined by RFC 1305 and RFC 5905.
> +#
> +# It can contain ID/key pairs which can be generated using the “keygen” option
> +# from “chronyc”; for example:
> +# chronyc keygen 1 SHA256 256 >> /etc/chrony/chrony.keys
> +# would generate a 256-bit SHA-256 key using ID 1.
> +#
> +# A list of supported hash functions and output encoding can be found in
> +# the "keyfile" section from the "/usr/share/doc/chrony/chrony.txt.gz" file.
> diff --git a/config/chrony/etc/rc.d/init.d/chrony b/config/chrony/etc/rc.d/init.d/chrony
> new file mode 100755
> index 000000000..0a2a0ee8e
> --- /dev/null
> +++ b/config/chrony/etc/rc.d/init.d/chrony
> @@ -0,0 +1,56 @@
> +#!/bin/sh
> +########################################################################
> +# Begin $rc_base/init.d/
> +#
> +# Description : chrony initscript 4 ipfire 2.1x
> +#
> +# Authors : goerdi
> +#
> +# Version : 01.00
> +#
> +# Notes : GPLv3
> +#
> +########################################################################
> +
> +. /etc/sysconfig/rc
> +. $rc_functions
> +
> +SERVER="Chrony Time Server"
> +BINARY=chronyd
> +DAEMON=/usr/sbin/$BINARY
> +CONFIG=/etc/chrony/chrony.conf
> +PIDFILE=/run/chronyd.pid
> +START="$DAEMON -f $CONFIG"
> +
> +#test -f $DAEMON || exit 0
> +[ -x $DAEMON ] || exit 0
> +[ -f $CONFIG ] || exit 0
> +
> +
> +
> +
> +case "$1" in
> + start)
> + boot_mesg "Starting $SERVER"
> + loadproc $START
> + ;;
> + stop)
> + boot_mesg "Stopping $SERVER"
> + killproc -p $PIDFILE $DAEMON
> + ;;
> + restart)
> + boot_mesg "Restarting $CAMSERVER"
> + killproc -p $PIDFILE $DAEMON
> + sleep 3
> + loadproc $START
> + ;;
> + status)
> + statusproc $DAEMON
> + ;;
> + *)
> + echo "Usage: /etc/init.d/chrony {start|stop|restart|status}"
> + exit 1
> + ;;
> +esac
> +
> +exit 0
> diff --git a/config/rootfiles/packages/chrony b/config/rootfiles/packages/chrony
> new file mode 100644
> index 000000000..8386502d4
> --- /dev/null
> +++ b/config/rootfiles/packages/chrony
> @@ -0,0 +1,12 @@
> +#etc/chrony
> +etc/chrony/chrony.keys
> +etc/chrony/chrony.conf
> +etc/rc.d/init.d/chrony
> +usr/bin/chronyc
> +#usr/lib/chrony
> +usr/lib/chrony/chrony-helper
> +usr/sbin/chronyd
> +#usr/share/man/man1/chronyc.1
> +#usr/share/man/man5/chrony.conf.5
> +#usr/share/man/man8/chronyd.8
> +#var/lib/chrony
> diff --git a/lfs/chrony b/lfs/chrony
> new file mode 100644
> index 000000000..8e471ef77
> --- /dev/null
> +++ b/lfs/chrony
> @@ -0,0 +1,102 @@
> +###############################################################################
> +# #
> +# IPFire.org - A linux based firewall #
> +# Copyright (C) 2007-2020 IPFire Team <info(a)ipfire.org> #
> +# #
> +# This program is free software: you can redistribute it and/or modify #
> +# it under the terms of the GNU General Public License as published by #
> +# the Free Software Foundation, either version 3 of the License, or #
> +# (at your option) any later version. #
> +# #
> +# This program is distributed in the hope that it will be useful, #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> +# GNU General Public License for more details. #
> +# #
> +# You should have received a copy of the GNU General Public License #
> +# along with this program. If not, see <http://www.gnu.org/licenses/>. #
> +# #
> +###############################################################################
> +
> +###############################################################################
> +# Definitions
> +###############################################################################
> +
> +include Config
> +
> +VER = 4.3
> +
> +THISAPP = chrony-$(VER)
> +DL_FILE = $(THISAPP).tar.gz
> +DL_FROM = https://download.tuxfamily.org/chrony
> +DIR_APP = $(DIR_SRC)/$(THISAPP)
> +TARGET = $(DIR_INFO)/$(THISAPP)
> +PROG = chrony
> +PAK_VER = 1
> +DEPS = ""
> +###############################################################################
> +# Top-level Rules
> +###############################################################################
> +
> +objects = $(DL_FILE)
> +
> +$(DL_FILE) = $(DL_FROM)/$(DL_FILE)
> +
> +$(DL_FILE)_BLAKE2 = 51ba6d19312fd52cd6d6d8ab9437c886a3779877170674db6dc37d657e849101e2669fd6c8723d24e43c895cd1924c3d8d2ff442baeef9abe8a6c313929edf5f
> +
> +
> +install : $(TARGET)
> +
> +check : $(patsubst %,$(DIR_CHK)/%,$(objects))
> +
> +download :$(patsubst %,$(DIR_DL)/%,$(objects))
> +b2 : $(subst %,%_BLAKE2,$(objects))
> +
> +dist:
> + @$(PAK)
> +###############################################################################
> +# Downloading, checking, md5sum
> +###############################################################################
> +
> +$(patsubst %,$(DIR_CHK)/%,$(objects)) :
> + @$(CHECK)
> +
> +$(patsubst %,$(DIR_DL)/%,$(objects)) :
> + @$(LOAD)
> +
> +$(subst %,%_MD5,$(objects)) :
> + @$(MD5)
> +
> +###############################################################################
> +# Installation Details
> +###############################################################################
> +
> +$(TARGET) : $(patsubst %,$(DIR_DL)/%,$(objects))
> + @$(PREBUILD)
> + @rm -rf $(DIR_APP) && cd $(DIR_SRC) && tar zxf $(DIR_DL)/$(DL_FILE)
> + cd $(DIR_APP) && \
> + ./configure \
> + --prefix=/usr \
> + --mandir=/usr/share/man \
> + --sysconfdir=/etc/chrony \
> + --without-readline \
> + --enable-scfilter \
> + --chronyrundir=/run/chrony \
> + --with-ntp-era=$(shell date -d '1970-01-01 00:00:00+00:00' +'%s') \
> + --enable-ntp-signd \
> + --with-hwclockfile=/etc/adjtime \
> + --with-pidfile=/run/chronyd.pid \
> + --host-system=Linux
> +
> +
> + cd $(DIR_APP) && make $(MAKETUNING)
> + cd $(DIR_APP) && make install
> +
> + mkdir -p /etc/chrony
> + cp -avf $(DIR_CONF)/chrony/etc/chrony/* /etc/chrony
> + cp -vrf $(DIR_CONF)/chrony/etc/rc.d/init.d/chrony /etc/rc.d/init.d
> + mkdir -p /usr/lib/chrony
> + cp -avf $(DIR_CONF)/chrony/usr/lib/chrony/* /usr/lib/chrony
> +
> + @rm -rf $(DIR_APP)
> + @$(POSTBUILD)
> diff --git a/make.sh b/make.sh
> index 3b7f9850c..ab995c20e 100755
> --- a/make.sh
> +++ b/make.sh
> @@ -1397,6 +1397,7 @@ buildipfire() {
> lfsmake2 python3-docutils
> lfsmake2 python3-daemon
> lfsmake2 ntp
> + lfsmake2 chrony
> lfsmake2 openssh
> lfsmake2 fontconfig
> lfsmake2 dejavu-fonts-ttf
> diff --git a/src/paks/chrony/install.sh b/src/paks/chrony/install.sh
> new file mode 100644
> index 000000000..b0b053bd6
> --- /dev/null
> +++ b/src/paks/chrony/install.sh
> @@ -0,0 +1,33 @@
> +#!/bin/bash
> +############################################################################
> +# #
> +# This file is part of the IPFire Firewall. #
> +# #
> +# IPFire is free software; you can redistribute it and/or modify #
> +# it under the terms of the GNU General Public License as published by #
> +# the Free Software Foundation; either version 2 of the License, or #
> +# (at your option) any later version. #
> +# #
> +# IPFire is distributed in the hope that it will be useful, #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> +# GNU General Public License for more details. #
> +# #
> +# You should have received a copy of the GNU General Public License #
> +# along with IPFire; if not, write to the Free Software #
> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
> +# #
> +# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. #
> +# #
> +############################################################################
> +#
> +. /opt/pakfire/lib/functions.sh
> +
> +extract_files
> +restore_backup ${NAME}
> +chmod ugo+x /etc/rc.d/init.d/chrony
> +ln -svf ../init.d/chrony /etc/rc.d/rc0.d/K46chrony
> +ln -svf ../init.d/chrony /etc/rc.d/rc3.d/S26chrony
> +ln -svf ../init.d/chrony /etc/rc.d/rc6.d/K46chrony
> +
> +start_service --background ${NAME}
> diff --git a/src/paks/chrony/uninstall.sh b/src/paks/chrony/uninstall.sh
> new file mode 100644
> index 000000000..9472553d3
> --- /dev/null
> +++ b/src/paks/chrony/uninstall.sh
> @@ -0,0 +1,31 @@
> +#!/bin/bash
> +############################################################################
> +# #
> +# This file is part of the IPFire Firewall. #
> +# #
> +# IPFire is free software; you can redistribute it and/or modify #
> +# it under the terms of the GNU General Public License as published by #
> +# the Free Software Foundation; either version 2 of the License, or #
> +# (at your option) any later version. #
> +# #
> +# IPFire is distributed in the hope that it will be useful, #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> +# GNU General Public License for more details. #
> +# #
> +# You should have received a copy of the GNU General Public License #
> +# along with IPFire; if not, write to the Free Software #
> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
> +# #
> +# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. #
> +# #
> +############################################################################
> +#
> +. /opt/pakfire/lib/functions.sh
> +stop_service ${NAME}
> +# wait2 terminate
> +sleep 3
> +make_backup ${NAME}
> +remove_files
> +rm -rf /etc/rc.d/rc*.d/*chrony
> +rm /etc/rc.d/rc3.d/off/*chrony
> diff --git a/src/paks/chrony/update.sh b/src/paks/chrony/update.sh
> new file mode 100644
> index 000000000..89c40d0d7
> --- /dev/null
> +++ b/src/paks/chrony/update.sh
> @@ -0,0 +1,26 @@
> +#!/bin/bash
> +############################################################################
> +# #
> +# This file is part of the IPFire Firewall. #
> +# #
> +# IPFire is free software; you can redistribute it and/or modify #
> +# it under the terms of the GNU General Public License as published by #
> +# the Free Software Foundation; either version 2 of the License, or #
> +# (at your option) any later version. #
> +# #
> +# IPFire is distributed in the hope that it will be useful, #
> +# but WITHOUT ANY WARRANTY; without even the implied warranty of #
> +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the #
> +# GNU General Public License for more details. #
> +# #
> +# You should have received a copy of the GNU General Public License #
> +# along with IPFire; if not, write to the Free Software #
> +# Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA #
> +# #
> +# Copyright (C) 2007 IPFire-Team <info(a)ipfire.org>. #
> +# #
> +############################################################################
> +#
> +. /opt/pakfire/lib/functions.sh
> +./uninstall.sh
> +./install.sh
> --
> 2.25.1
>
prev parent reply other threads:[~2023-03-22 10:03 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-03-20 20:18 Gerd Hoerst
2023-03-22 10:03 ` Michael Tremer [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=54D1D26E-1BFA-45E0-A8E3-CFEDAE756319@ipfire.org \
--to=michael.tremer@ipfire.org \
--cc=development@lists.ipfire.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox